Throughput issues
This section helps you identify throughput issues and suggests actions to address them.
Link testing
You can identify delays or lost packets by sending ping packets from your wireless client. If there is more than 10 ms of delay, there may be a problem with your wireless deployment, such as:
- The client transmits a week signal. The host does not reach the AP.
- The AP utilization is too high. Your AP is saturated with connected clients.
- There is interference in the wireless network. Third-party signal can degrade your AP or the client's ability to detect signals between them.
- The AP has a weak transmit power. The AP does not reach the host. This problem is not common in a properly deployed network, unless the client is too far away.
Performance testing
If the FortiAP gives poor throughput to the client, the link can drop. You can measure the link throughput or performance between two devices by using third-party application tools such as iPerf and jPerf.
Measuring the file transfer speed
Another way to get a sense of your throughput issues is to measure the speed of a file transfer on your network. Create a test file at a specific size and measure the speed at which Windows measures the transfer. The command below creates a 50 MB file. The file name is test.txt.
fsutil file createnew test.txt 52428800
The following image shows a network transfer speed of just over 24 Mbps. The theoretical speed of 802.11g is 54 Mbps, which is what this client is using. A wireless client is never likely to see the theoretical speed.
TKIP limitation
If you find that throughput is a problem, avoid WPA security encrypted with Temporal Key Integrity Protocol (TKIP) as it supports communications only at 54 Mbps. Use WPA-2 AES instead.
Speeds are very much based on what the client computer can handle as well. The maximum client connection rate of 130 Mbps is for 2.4 GHz on a 2x2, or 300 Mbps for 5 GHz on a 2x2 (using shortguard and channel bonding enabled).
If you want to get more than 54 Mbps with 802.11n, do not use legacy TKIP, use CCMP instead. This is standard for legacy compatibility.
IP packet fragmentation prevention in CAPWAP tunnels
TKIP is not the only possible source of decreased throughput. When a wireless client sends jumbo frames using a CAPWAP tunnel, it can result in data loss, jitter, and decreased throughput. For more details, see IP fragmentation of packets in CAPWAP tunnels.
Slow DTLS response
The following elements are involved in the CAPWAP association:
- request
- response
- full of DTLS (Datagram Transport Layer Security) tunnel establishment
- join
- configuration
All of these element are bidirectional. If the DTLS response is slow, there could be a configuration error or an issue with a certificate during the discovery response. For details about the CAPWAP Protocol Specification, see RFC 5415 and RFC 5416.